This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
tk8.3 8.3.5-4ubuntu1.1
tk8.4 8.4.12-0ubuntu1.1

Ubuntu 6.10:
tk8.3 8.3.5-6ubuntu1.1
tk8.4 8.4.12-1ubuntu0.1

Ubuntu 7.04:
tk8.3 8.3.5-6ubuntu2.1
tk8.4 8.4.14-0ubuntu2.1

In general, a standard system upgrade is sufficient to affect the
necessary changes.

Details follow:

It was discovered that Tk could be made to overrun a buffer when loading
certain images. If a user were tricked into opening a specially crafted
GIF image, remote attackers could cause a denial of service or execute
arbitrary code with user privileges.